Method and apparatus to correlate mobile device wireless activity and security data

ABSTRACT

A computer implemented method, apparatus, and computer program are provided. The method is under control of one or more processors configured with executable instructions. The method detects, at a wireless activity (WLA) tracking apparatus, wireless activity of a mobile device in a proximity of a local wireless environment. The method automatically generates a WLA timestamp associated with the detecting the wireless activity of the mobile device and utilizes one or more of the wireless activity and WLA timestamp to identify one or more of a security device and a segment of security data collected by the security device.

FIELD

The present disclosure relates generally to detecting wireless activityof a mobile device, and more particularly to correlating the wirelessactivity of the mobile device with a segment of security data.

BACKGROUND OF THE INVENTION

Security systems today utilize various types of devices to collectsecurity data, such as video and audio information, in connection withmonitoring an area. For example, home and commercial security systemsutilize video cameras, motion detectors, door and window sensors, glassbreak detectors, etc., to monitor entry to (and a presence in) a home,business, school, warehouse, office, property and the like. Afteractivity occurs in a monitored area, the security data collected may beinstrumental in identifying relevant information associated with theactivity. For example, the security data may include video informationcan be used to identify the person(s) responsible for the activityand/or whether the activity is authorized or unauthorized.

Conventional security systems collect massive amounts of security data,such as video and audio information. However, conventional securitysystems offer limited mechanisms for a user to determine which segmentof the security data contains the information associated with a specificactivity of interest. For instance, motion sensors and video monitoringcameras are able to identify when activity occurs, but are unable todifferentiate between normal/acceptable and abnormal/unacceptableactivity. For example, motion cameras are unable to determine whether anindividual is an authorized individual, such as a homeowner, family,customer, neighbor, friend, delivery personnel, employee and the like,or an unauthorized individuals. Typically, an operator must manuallysearch through hours of video information from multiple video cameras tolocate the segment of video information that depicts a particularactivity of interest. Often, activity of interest occurs during arelatively short time period (e.g., only a few minutes) which rendersmanual search mechanisms even more difficult to utilize.

SUMMARY

In accordance with embodiments here, a method is provided. The method isunder control of one or more processors configured with executableinstructions. The method detects, at a wireless activity (WLA) trackingapparatus, wireless activity of a mobile device in a proximity of alocal wireless environment. The method automatically generates a WLAtimestamp associated with the detecting the wireless activity of themobile device and utilizes one or more of the wireless activity and WLAtimestamp to identify one or more of a security device and a segment ofsecurity data collected by the security device.

Optionally, the detecting may comprise detecting a wireless signature(WLS) of the mobile device. The utilizing may automatically correlatethe wireless signature with the one or more of the security device andthe segment of security data collected by the security device based onthe WLA timestamp. The utilizing may further comprise receiving a searchrequest designating a wireless activity factor and may search a WLA logfor a WLA record of interest that satisfies the wireless activityfactor. The WLA record of interest may include the wireless signatureand the WLA timestamp. The utilizing may search a security data log forsecurity data of interest based on a comparison of the WLA timestamp andsecurity timestamps stored in the security data log. The security dataof interest may include the one or more of the security device and thesegment of security data collected by the security device.

Optionally, the method may display the segment of security datacollected by the security device that overlaps the WLA timestamp. Themethod may identify a security zone in the local wireless environment inwhich the wireless activity occurred. The utilizing may identify thesecurity device that may correspond to the security zone. The method mayperform a security action based on the one or more of the securitydevice and the segment of security data identified. The security actionmay send an electronic notification to security personnel. The securityaction may send a request to change a state of the security device. Thesecurity device may represent a PZT camera having pan, zoom and tilt(PZT) functionality. The security action may redirect the PZT camera topoint towards a detected path of the mobile device.

In accordance with embodiments herein an apparatus is provided. Theapparatus comprises a tracking circuit to detect wireless activity inproximity to a local wireless environment, a processor and a memory tostore program instructions accessible by the processor. In response toexecution of the program instructions, the processor automaticallygenerates a WLA timestamp associated with the detecting of the wirelessactivity of the mobile device and utilizes one or more of the wirelessactivity and WLA timestamp to identify one or more of a security deviceand a segment of security data collected by the security device.

Optionally, the memory may store a WLA log including WLA records thatmay include wireless signatures (WLS) of mobile devices detected by thetracking circuit. The WLA records may include corresponding WLAtimestamps indicating when the wireless signature of the mobile deviceswere detected. The WLA records may further comprise one or more ofsecurity zones where the wireless signature is detected. A WLS entrytime in connection with the wireless signature may enter a detectionrange of the tracking circuit. A WLS exit time in connection with thewireless signature may exit the detection range. The memory may store aWLS list that may include one or more of known wireless signature,repeat wireless signature and restricted wireless signature.

Optionally, the processor, responsive to execution of programinstructions, may maintain a WLA log of wireless signatures of mobiledevices detected by the tracking circuit and corresponding WLAtimestamps. The processor may receive a search request designating awireless activity factor, and may search a WLA log for a WLA record ofinterest that satisfies the wireless activity factor, the WLA record ofinterest including the wireless signature and the WLA timestamp. Theprocessor may search a security data log for security data of interestbased on a comparison of the WLA timestamp and security timestampsstored in the security data log. The security data of interest mayinclude the one or more of the security device and the segment ofsecurity data collected by the security device.

In accordance with embodiments herein, a computer program product isprovided comprising a non-signal computer readable storage mediumcomprising computer executable code to: detect, at a wireless activity(WLA) tracking apparatus, wireless activity of a mobile device within aproximity of a local wireless environment, automatically generating aWLA timestamp associated with the detecting of the wireless activity ofthe mobile device, and utilize one or more of the wireless activity andWLA timestamp to identify one or more of a security device and a segmentof security data collected by the security device.

Optionally, the computer program product may further comprise a securitydata log. The computer executable code may search the security data logfor security data of interest based on a comparison of the WLA timestampand security timestamps stored in the security data log. The securitydata of interest may include the one or more of the security device andthe segment of security data collected by the security device. A WLA logmay include WLA records that may include wireless signatures (WLS) ofmobile devices detected. The WLA records may include corresponding WLAtimestamps indicating when the wireless signature of the mobile deviceswere detected.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a functional block diagram illustrating a local wirelessenvironment that is monitored in accordance with embodiments herein.

FIG. 2 illustrates a block diagram of a WLA tracking apparatus and WLAdatabase formed in accordance with embodiments herein.

FIG. 3 illustrates a process for collecting wireless activity andsecurity data in accordance with embodiments herein.

FIG. 4A illustrates a process for utilizing wireless activity and/or WLAtimestamps to identify a security device of interest and/or a segment ofinterest from the security data in accordance with embodiments herein.

FIG. 4B illustrates a process for utilizing security data to identifywireless activity and/or WLA timestamps of interest in accordance withembodiments herein.

FIG. 5 is a functional block diagram illustrating a local wirelessenvironment that includes independent WLA tracking apparatus andsecurity apparatus in accordance with embodiments herein.

FIG. 6 is a block diagram of components of a WLA tracking apparatusformed in accordance with embodiments herein.

FIG. 7 illustrates a simplified block diagram of internal components ofan electronic device configured to operate in accordance withembodiments herein.

DETAILED DESCRIPTION

It will be readily understood that the components of the embodiments asgenerally described and illustrated in the Figures herein, may bearranged and designed in a wide variety of different configurations inaddition to the described example embodiments. Thus, the following moredetailed description of the example embodiments, as represented in theFigures, is not intended to limit the scope of the embodiments, asclaimed, but is merely representative of example embodiments.

Reference throughout this specification to “one embodiment” or “anembodiment” (or the like) means that a particular feature, structure, orcharacteristic described in connection with the embodiment is includedin at least one embodiment. Thus, appearances of the phrases “in oneembodiment” or “in an embodiment” or the like in various placesthroughout this specification are not necessarily all referring to thesame embodiment.

Furthermore, the described features, structures, or characteristics maybe combined in any suitable manner in one or more embodiments. In thefollowing description, numerous specific details are provided to give athorough understanding of embodiments. One skilled in the relevant artwill recognize, however, that the various embodiments can be practicedwithout one or more of the specific details, or with other methods,components, materials, etc. In other instances, well-known structures,materials, or operations are not shown or described in detail to avoidobfuscation. The following description is intended only by way ofexample, and simply illustrates certain example embodiments.

The term “wireless mobile device”, as used throughout, shall include(but not be limited to) any device that is mobile and utilizes awireless transmitter to establish at least a one-way or two-waycommunication session. For example, a one-way communication session mayrepresent a data transfer session from a mobile device. The transmittermay represent a one-way transmitter, a transceiver and the like. Thetransceiver may be a cellular transceiver, a GPS transceiver, or anyother type of transceiver capable of communication over a wirelessnetwork. As non-limiting examples, the device may be a sensor, Fitbitdevice, cellular phone, smart watch, wireless/cellular enable vehicles,portable computing devices and any other device that is mobile and ableto establish at least a one-way communication session. The computingdevice can be a laptop computer, tablet computer, netbook computer,personal computer (PC), a desktop computer, a personal digital assistant(PDA), a smart phone, or any programmable electronic device capable ofwireless communication.

The terms “wireless signature” and “WLS” as used herein, refer toinformation transmitted from a mobile wireless device that identifiesthe mobile device. The wireless signature may uniquely identify themobile wireless device from other mobile wireless devices. For example,the wireless signature may represent a serial number, SSID, telephonenumber, MAC address, or other unique for a physical mobile wirelessdevice, an operating system and/or software application running on thedevice. Additionally or alternatively, the wireless signature may not bea uniquely ID for the mobile device, but instead identify the mobiledevice to be within a type or class of mobile devices. For example, aGPS transmitter may transmit a wireless signature that indicates thatthe mobile device is a GPS transmitter (and not a cellular transmitter).

The term “broadcast signal”, as used herein, refers to a signaltransmitted by a transmitter of a wireless mobile device prior to,and/or independent of, establishing access to a wireless network and/orestablishing a communications session. The broadcast signal may betransmitted in connection with an attempt to establish a communicationssession, such as by a Bluetooth, cellular or WiFi transceiver. Forexample, the broadcast signal may represent an advertisement orconnection request transmitted over one or more broadcast channels inaccordance with a cellular or other wireless protocol. Optionally, thebroadcast signal may not be transmitted in connection with an attempt toestablish a communications session. Instead, the broadcast signal mayrepresent a “ping” or location indicator, such as transmitted inconnection with a cellular protocol. Optionally, the broadcast signalmay represent a position or time stamp, such as transmitted inconnection by a GPS tracking device.

The terms “wireless activity tracking apparatus” and “WLA trackingapparatus”, as used throughout, shall include routers, firewalls,cellular transceiver, GPS transceivers, wireless access point and otherdevices that afford access to a wireless environment and support atleast one-way communication over the wireless environment. The wirelessenvironment may represent a local area network, a private or public areanetwork, a wide-area network, a cellular network, a GPS network orotherwise.

The terms “wireless activity” and “active wireless activity” as usedthroughout, refer to transmitted signals from an active transmitter of amobile device in accordance with a wireless communications protocol. Thewireless activity represents any signal transmitted by a transmitter ofa mobile device, such as in connection with requesting, establishing,maintaining or disconnecting a communications session with a local orwide area network, a cellular network, a GPS network and the like. Thewireless activity also represents any signal transmitted by atransmitter of a mobile device, such as in connection with a GPS orcellular device providing a “ping” to a cellular/GPS tower indicating apresence/location of the GPS or cellular device. For example, thewireless communications protocol may correspond to a local or wide areanetwork protocol, such as a Bluetooth protocol, Bluetooth Low Energyprotocol, WiFi (IEEE 802.11) protocol and the like. In addition, thewireless communications protocol may represent a cellular protocol, suchas GSM, LTE, CDMA, WCDMA, TD-SCDMA and the like. In addition, thewireless communications protocol may represent a GPS protocol. Inconnection with GPS wireless activity, the wireless activity maycorrespond to coordinates, identification and location informationtransmitted from a GPS enabled mobile device. As non-limiting examples,the mobile device may be a sensor, Fitbit device, cellular phone, smartwatch, wireless/cellular enable vehicles, portable computing devices,GPS tracking apparatus and any other device that is mobile and able toestablish at least a one-way communication session. The term “wirelessactivity” does not include transmission of information by a passiveradio-frequency identification device (RFID) wherein a passive RFID tagonly transmits in response to a transmission from a separate RFIDreader.

In accordance with embodiments herein, methods, apparatus and computerprogram products use wireless identifiers to detect wireless activity bymobile devices (and thus users carrying such mobile devices) when withina range of a reference point (e.g., the WLA tracking apparatus) and/orwithin designated security zones (e.g., zones proximate to securitydevices). WLA timestamps are generated when wireless activity occurs andthe WLA timestamps are saved with the wireless activity to facilitatesubsequent use of the wireless activity in connection with correlatingthe wireless activity to security data collected by a securityapparatus.

As one example, an individual carrying a smart phone or other wirelessmobile device may walk along a sidewalk or other monitored area inproximity to cameras along a boundary of a home or personal property.The security apparatus may continuously store security data over anextended period of time as collected by the cameras, without anyseparate identification of, or regard for, when a particular individualpasses through the field of view of the cameras while walking along thesidewalk. However, when the WLA tracking apparatus detects wirelessactivity for the smart phone, the WLA tracking apparatus records thewireless activity (e.g., a wireless signature) along with a WLAtimestamp. As explained herein, methods, apparatus and computer programproducts afford various mechanisms to automatically correlate thewireless signature with one or more segments of the security data andprovide the security data segments for review.

FIG. 1 is a functional block diagram illustrating a local wirelessenvironment 100 that is monitored in accordance with embodiments herein.In the example of FIG. 1, the local wireless environment 100 representsa residential or commercial establishment, such as a home, school,campus, religious establishment, warehouse, building, campus, officecomplex and the like that may be under control of one general entity(e.g., an owner, security company, commercial entity). The range/size ofthe local wireless environment 100 will vary based on the type of thewireless environment (e.g., local area network, wide area network,cellular, GPS), the range of the WLA tracking apparatus 104, structureswithin the local wireless environment 100 that may interfere withwireless signals and the like. In the example of FIG. 1, the localwireless environment 100 may represent a residential, school, religiousor commercial premise 120 that includes a front door 122, windows 124, arear door 136, a rear walk 130 to a neighboring structure 132 (e.g.,garage or other building), and a private entryway or driveway 134. Afront walkway 128 leads from a sidewalk 126 to a front porch and thefront door 122. The sidewalk 126 is located next to a public road (e.g.,residential street, school driveway).

The local wireless environment 100 includes a wireless activity (WLA)tracking apparatus 104, a security apparatus 107 and a WLA-based searchresource 110. As explained herein, the WLA tracking apparatus 104 andthe security apparatus 107 manage collection and storage of wirelessactivity and security data, in one or more common or separate database109. The WLA and security data may be managed in connection withpredetermined security zones (denoted as SZ1, SZ2, SZ3, and SZ4) orotherwise. For example, security zones (SZ1, SZ2, SZ3, and SZ4) may bedefined as the area visible by respective security cameras 151. It isrecognized that numerous other predetermined security zones may bedefined.

The WLA tracking apparatus 104 may represent a network gateway to alocal or wide area network, cellular hotspot, cellular tower, GPStransponder and/or any other electronic device that includes at least areceiver programmed by software and/or firmware to receive and/orsupport bidirectional communication with one or more predeterminedcommunications protocols. The wireless mobile devices 102 move into andout of the range of the WLA tracking apparatus 104 following paths takenby individuals through the local wireless environment 100. The WLAtracking apparatus 104 is configured to detect mobile devices 102 thatenter within a detection range of the WLA tracking apparatus 104 and/orare within proximity to one or more security devices 151, 153. The WLAtracking apparatus 104 automatically generates WLA timestamps associatedwith the detection of the wireless activity and records the WLAtimestamps with the wireless activity. For example, a log may bemaintained of dates/times and wireless signatures (WLS) for mobiledevices 102, along with other information indicative of a nature of thewireless activity and/or movement of the mobile devices 102. Forexample, the WLA tracking apparatus 104 may record a WLS entry timestamp representing a WLA timestamp (e.g., date and time) when thewireless signature of a first mobile device 102 was first detected. TheWLA tracking apparatus 104 may also record a WLS exit timestamprepresenting a WLA timestamp indicative of when the wireless signatureof the first mobile device 102 was last detected before leaving thedetection range of the WLA tracking apparatus 104 (within apredetermined search window of time). Additionally or alternatively, theWLA tracking apparatus 104 may record one or more intermediate WLAtimestamps corresponding to dates and times at which the first mobiledevice 102 performed actions of interest. As an example, when tracking apath of the mobile device 102, WLA timestamps may be generated andrecorded each time the mobile device 102 crosses into or leavesdifferent security zones. Also, WLA timestamps may be generated andrecorded each time the mobile device 102 changes a direction orenters/exits predetermined range boundaries from a reference point(e.g., relative to the WLA tracking apparatus 104).

Optionally, the WLA tracking apparatus 104 may include multiple physicaldevices that are located at separate physical positions (and distributedfrom one another) within the local wireless environment 100. Whenmultiple physical devices are utilized to collectively form the WLAtracking apparatus 104, the separate physical devices may operate incooperation with or independent of one another, in a master-slaverelation, a client-server relation and the like. Optionally, themultiple physical devices may communicate with a remote/cloud basedserver (e.g., WLA search resource 110) that performs some or all of theoperations described herein. Additionally or alternatively, aremote/cloud based server, WLA search resource 110, may storeinformation and data utilized in connection with, and/or generated inresponse to, the operations described herein. Optionally, one or morerepeater devices may be utilized with the WLA tracking apparatus 104 toextend a range of the local wireless environment 100.

As an example, the WLA tracking apparatus 104 may represent a routerthat creates a wireless local area network (WLAN) in accordance with theInstitute of Electrical and Electronics Engineers (IEEE) 802.11protocol. The mobile devices 102 connect to the WLAN in accordance to anIEEE 802.11 compatible security algorithm, such as, for example, Wi-FiProtected Access (WPA), Wi-Fi Protected Access II (WPA2), or WiredEquivalent Privacy (WEP). The WLA tracking apparatus 104 can provideaccess to network for wireless devices connected to the wireless router,such as mobile devices 102, directly via bridging functionality integralto the WLA tracking apparatus 104, or in conjunction with bridgingfunctionality, not shown, that is accessible by the WLA trackingapparatus 104. The network can be, for example, a cellular network, alocal area network (LAN), a wide area network (WAN) such as theInternet, or a combination of the two, and can include wired, wireless,or fiber optic connections. While the WLA tracking apparatus 104 mayprovide access to a network, the WLA tracking apparatus 104 performs thewireless activity detecting and/or tracking operations described hereinwhile denying the mobile devices 102 access to the LAN, WAN, cellularnetwork and the like. The WLA tracking apparatus 104 performs thewireless activity detecting and/or tracking operations described hereinwithout regard for establishing a communications session with the mobiledevices 102. Additionally or alternatively, the WLA tracking apparatus104 may perform the wireless activity detecting and/or trackingoperations described herein during a one-way or two-way communicationsession with the mobile devices 102.

The security apparatus 107 is also provided for the local wirelessenvironment 100. The security apparatus 107 includes various securitydevices that collect security data. For simplicity, only cameras 151 andmotion sensors 153 are illustrated as security devices, although it isrecognized that additional or alternative security devices may beincluded such as one or more door/window sensors, motion sensors, glassbreak sessions, door/window locks, thermostat controls, light controlsand the like. The security data is stored in a security data log alongwith security timestamps indicative of when the security data wascollected. For example, the security data may include numerous segmentsof video, still images and/or audio security data collected by variouscameras and/or microphones. As another example, the security data mayinclude numerous segments related to events detected by sensors, such asdoor/window sensors, motion sensors, glass break sensors, door/windowlocks, thermostat controls, light controls and the like. It isrecognized that security data segments related to events detected by thenon-video sensors may not include large amounts of continuous securitydata, such as in video security data, although a large number ofsecurity data segments may be stored in connection with sensor detectedevents (e.g., every time a door is opened and closed, motion is detectedin a room, lights are turned on and off, etc.). The security apparatus107 may record a security timestamp in connection corresponding eachsecurity data segments. Additionally or alternatively, the securityapparatus 107 may record security timestamps periodically during acontinuous collection of security data, such as when security criteriaoccur.

Embodiments herein monitor wireless activity in connection with varioustypes of mobile devices 102 while located at various positions about thepremise 120. For example, an individual with a cellular phone (denotedas WLS1) may be walking along the sidewalk 126, while another individualon the sidewalk 126 may be carrying a mobile device with GPSfunctionality (WLS2). Additionally or alternatively, an individual, witha Fitbit device (WLS3), may be within the premise 120.

In the embodiment described in connection with FIG. 1, the securityapparatus 107 manages and communicates with the security cameras 151,sensors 153 and other security devices. To the extent that the WLAtracking apparatus 104 desires to communicate with the security devices,the WLA tracking apparatus 104 conveys the communication to the securityapparatus 107 for further action. For example, when the WLA trackingapparatus 104 desires to change a viewing angle of a security camera151, the WLA tracking apparatus 104 may convey a request to change astate of the security device (e.g., pan, zoom, tilt the viewing angle)to the security apparatus 107. As another example, when the WLA trackingapparatus 104 desires to change a state of a sensor-based securitydevice (e.g., turn on/off a motion sensor, a door/window sensor, adoor/window lock), the WLA tracking apparatus 104 conveys the request tochange the sensor setting to the security apparatus 107. The securityapparatus 107 acts upon the corresponding request.

Additionally or alternatively, the WLA tracking apparatus 104 maycommunicate over a local area network with security cameras 151 and/orsensors 153 (e.g., motion sensors, glass break detectors, etc.) thatmonitor the local wireless environment 100. The security cameras 151record video data for corresponding fields of view. The cameras 151 maybe activated by motion and/or by other sensors 153. Alternatively, thesecurity cameras 151 may be activated continuously to record of videoinformation.

The WLA search resource 110 is configured to utilize the wirelessactivity and/or the WLA timestamp to identify security devices ofinterest and/or segments of interest from the security data. The WLAsearch resource 110 is further configured to perform security actionsbased on the identification of a security device of interest and/orsegment of interest from the security data. The operations of the WLAsearch resource 110 may be implemented in various manners, depending inpart upon an overall configuration of the system. For example, the WLAsearch resource 110 may be implemented as an application operatingwithin the WLA tracking apparatus 104 and/or within the securityapparatus 107. Additionally or alternatively, the WLA search resource110 may be implemented as an application operating on a mobile device,desktop computer and/or a workstation.

Additionally or alternatively, the WLA search resource 110 may beimplemented on a remote server. For example, when implemented on aremote server, the WLA search resource 110 may receive search queriesfrom the WLA tracking apparatus 104, security apparatus 107 and/or amobile device of an authorized user. The search queries may be enteredthrough a graphical user interface (GUI) presented to the authorizeduser on the WLA tracking apparatus 104, security apparatus 107 and/or amobile device. Additionally or alternatively, the search queries may beautomatically generated by the WLA tracking apparatus 104 and/orsecurity apparatus 107. In response to a search query, the WLA searchresource 110 implements the operations described herein to identify asecurity device of interest, a segment of interest of security data, awireless signature, an individual associated with a particular mobiledevice and the like, to form a search response. The WLA search resource110 returns the search response to the requesting device or apparatuswhich in turn presents the search response on the graphical userinterface of the WLA tracking apparatus 104, security apparatus 107and/or a mobile device.

FIG. 2 illustrates a block diagram of a WLA tracking apparatus 104 andWLA database 115 formed in accordance with embodiments herein. The WLAtracking apparatus 104 includes a tracking circuit 111 and a WLA manager113, defined by one or more processors executing program instructions,that perform operations described herein. The tracking circuit 111 isconfigured to detect wireless activity within a detection range of thetracking circuit in proximity to the local wireless environment 100. Forexample, the tracking circuit 111 may be connected to an antenna that islocated within or mounted on a housing of the WLA tracking apparatus104. The local wireless environment 100 may be defined by a rangeboundary of the detection range of the antenna and tracking circuit 111.Additionally or alternatively, multiple antenna may be attached to theWLA tracking apparatus 104, thereby expanding the range boundary of thedetection range of the tracking circuit 111 and local wirelessenvironment. The multiple antennas may be physically located within acommon housing of the WLA tracking apparatus 104, or distributed atmultiple points within the premise 120. For example, one antenna may beprovided at the WLA tracking apparatus 104, while one or more additionalantenna may be provided within repeaters and the like.

The tracking circuit 111 detects a presence of one or more mobiledevices 102, within a range of the WLA tracking apparatus 104, based onone or more characteristics of a broadcast signal from each of thecorresponding mobile devices 102. Additionally or alternatively, thetracking circuit 111 may detect a path traveled by the mobile device 102and track the detected path of the mobile device 102 based on one ormore characteristics of the broadcast signal from the mobile device 102.For example, the tracking circuit 111 may monitor, as the characteristicof interest, a signal strength of broadcast signals from a mobile device102 (as received at the tracking circuit 111). For example, the trackingcircuit 111 may determine a distance to the mobile device 102 based on areceive signal strength and reference receive signal strengths. Forexample, during a learning mode, the tracking circuit 111 may perform acalibration operation in which the tracking circuit 111 collectsmultiple reference receive signal strengths in connection withpredetermined distances and/or directions. The tracking circuit 111associates the reference receives signal strengths with thepredetermined distances and directions relative to a reference point forthe WLA tracking apparatus 104. The signal strength measurements andpredetermined distances and/or directions are then used later, by thetracking circuit 111 and/or WLA manager 113, in connection with trackingwireless activity of other mobile devices 102. The reference receivesignal strengths, predetermined distances and directions may becollected independent of, the security apparatus 107 and securitydevices 151, 153.

Additionally or alternatively, the reference receives signal strengths,predetermined distances and directions may be collected in connectionwith corresponding unique security devices 151, 153. For example, duringa calibration operation, reference receive signal strength measurementsmay be collected while the user holds a mobile device 102 (operating ina calibration mode) proximate to a security device 151, 153. Forexample, the GUI of the mobile device 102 may direct the user to walk toa point proximate to a security device 151, 153, at which the trackingcircuit 111 records a signal strength and other direction relatedinformation from signals transmitted by the mobile device 102. Asanother example, the user may be directed to perform a requested suspectmovement, to beginning at a location on a public sidewalk or outside ofa property boundary, jumping a fence or entering the property from somelocation other than a walkway, and/or moving along an exterior of abuilding adjacent to one or more windows or private entrances. As theuser performs the requested suspect movement, the tracking circuit 111collects multiple calibration receive signal strength measurements.

Additionally or alternatively, the security devices 151, 153 may includetransmitters and have wireless communication functionality. Whenwireless security devices 151, 153 are present, the WLA trackingapparatus 104 may perform a registration operation to register each ofthe security devices 151, 153 with the WLA tracking apparatus 104. Toregister a security device 151, 153 with the WLA tracking apparatus 104,the tacking circuit 111 may record a wireless signature for the securitydevice 151, 153 and a signal strength of a signal broadcast from thesecurity device 151, 153. It is recognized that other techniques may beutilized to calibrate the WLA tracking apparatus 104. Optionally, thetracking circuit 111 may track positions of mobile devices 102 based onsignal characteristics other than signal strength. Optionally, nocalibration may be needed when the WLA tracking apparatus 104 merelyregisters entry and exit of mobile devices 102 within a range boundaryof the tracking circuit 111, and do not further track individual pathsfollowed by mobile devices 102.

The WLA database 115 includes one or more of a WLA log 150, a securitydata log 160, and a security zone log 170. Optionally, the WLA log 150,security data log 160 and security zone 170 may be maintained indifferent physical memories. Optionally, the WLA database 115 maymaintain a WLS list 172 that includes various types of wirelesssignature. For example, the WLS list 172 may include a list of knownauthorized wireless signature, such as wireless signature related tomobile devices owned or controlled by homeowners, family members,friends, employers, employees, school administrators, teachers, studentsand the like. The WLS list 172 may also include a list of unknown repeatwireless signature, such as wireless signature related to mobile devicesthat have been detected by the WLA tracking apparatus 104 apredetermined number of times.

The WLA manager 113 records wireless activity in the WLA log 150 as thewireless activity is detected by the tracking circuit 111. The WLAmanager 113 may record the wireless activity in various manners in theWLA log 150. For example, the WLA manager 113 may simply store, in aspool format, all wireless signature identified by the tracking circuit111, along with a timestamp for when the tracking circuit 111 detectedthe wireless signature. In the foregoing example, a single wirelesssignature may be recorded multiple times in the WLA log 150 along withmultiple corresponding timestamps, thereby providing a running log ofthe amount of time in which the corresponding mobile device 102 ispresent within the range of the WLA tracking apparatus 104. Optionally,the WLA manager 113 may manage the WLA log 150 in a more selectivemanner, based on various criteria. For example, the WLA manager 113 mayonly add a wireless signature and corresponding timestamp to the WLA log150 when a new mobile device is detected to enter or exist apredetermined detection range boundary of the WLA tracking apparatus104. Additionally or alternatively, the WLA manager 113 may update arecord in the WLA log 150, or add a new record to the WLA log 150, whena wireless signature is determined by the tracking circuit 111 to movefrom one security zone to another.

The WLA log 150 stores a unique identifier for each mobile device 102,for which wireless activity is detected, along with one or more WLAtimestamps and (optionally) activity characteristics associated with thewireless activity. The unique identifier may represent the wirelesssignature broadcasts by the mobile device 102. Additionally oralternatively, the tracking circuit 111 may assign a random identifierin connection with each mobile device 102 for which wireless activity isdetected. The WLA manager 113 may also store an activitycharacterization describing the character of the wireless activity. Forexample, the activity characterization may indicate the presence of thewireless device 102 relative to one or more of the security zones (SZ1,SZ2, SZ3, and SZ4). In the example of FIG. 2, the activitycharacterization may indicate that a wireless signature has entered asecurity zone “Enter SZ1”, was simply detected present within a securityzone “Detected in SZ4”, has exited a security zone “Exist SZ1”, and thelike. Additionally or alternatively, the activity characteristics mayindicate other actions taken by the mobile device relative to thenetwork, such as “attempt to log into network”, “attempt to pair withBluetooth device”, etc.

Additionally or alternatively, the WLA manager 113 may not add allwireless signature to the WLA log 150 once detected. The sensitivityrange of the WLA tracking apparatus 104 may be greater than a field ofview of security cameras. Accordingly, addition to the WLA log 150 maybe based at least in part on whether a mobile device 102 is within adesired proximity of a security zone and/or security device. Forexample, the WLA manager 113 may be configured to store the wirelesssignature on the WLA log 150 and generates a corresponding WLA timestamponly the mobile device 102 is in proximity to one or more of thesecurity devices 151, 153.

Optionally, the WLA timestamps may be stored on a remote log, such as ata remote security monitoring system or WLA search resource. The WLA log150 and/or a remote log may maintain all or some WLA timestampsgenerated by the detection of any wireless signature that are analyzedin accordance with the operations of FIGS. 3 and 4 to allow the systemto learn more about wireless activity within the area and in connectionwith individual wireless signature.

Additionally or alternatively, the WLS manager 113 may automaticallyimplement certain preprogrammed security actions directly or incoordination with the security apparatus 107. For example, any time anunknown wireless signature is detected to be within certain securityzones, the WLS manager 113 may send an electronic notification to anowner, manager or other designated individual indicating the presence ofthe unknown wireless signature in the security zone. As another example,the WLS manager 113 may compare newly detected wireless signature to alist of restricted wireless signature known to be associated with i)individuals who are not authorized to approach a local wirelessenvironment 100 (e.g., individuals having a history of presenting dangerto a family member, children and the like), or ii) individuals who areof interest (e.g., individuals registered to own assault rifles). When arestricted wireless signature associated with such individuals isdetected to be present within the local environment, the WLA trackingapparatus 104 may automatically implement a preprogrammed securityaction. For example, the preprogrammed security action may be to send anelectronic notification (e.g., email, text, voicemail) to a securitypersonnel, such as administrators for and/or employees at the facility(e.g., superintendents, teachers), local law enforcement authorities,and the like. As another example, when the local environment is aresidential home, the preprogrammed security action may be to send theelectronic notification to the resident, neighbors and the like.

The WLA log 150 may define access settings to be implemented inconnection with different wireless signature. The WLA tracking apparatus104 stores and manages one or more security zone logs 170 and one ormore WLA logs 150. The security zone logs 170 and WLA log 150 may bestored in WLA database 115 locally and/or remotely from the WLA trackingapparatus 104.

The security zone log 170 is utilized to define one or more monitoredsecurity zones (SZ1, SZ2, SZ3, and SZ4) in connection with the localwireless environment 100. A security zone may correspond to a singlepredetermined security device and/or multiple security devices.Additionally or alternatively, a monitored zone may correspond to aphysical region, without regard for any predetermined security devices.Non-limiting examples of monitored regions represent predeterminedsecurity zones (SZ1, SZ2, SZ3, and SZ4).

Optionally, the security zone log 170 may also store security zones thatare monitored by independent security devices that are managed orcontrolled by a third-party. For example, a WLA tracking apparatus 104may be provided in a residential or commercial site that is locatedadjacent to independent residential or commercial sites that haveindependent security apparatus. The WLA tracking apparatus 104 may notbe directly coupled, or have any access rights, to such independentsecurity apparatus. Nonetheless, the WLA tracking apparatus 104 may becalibrated or programmed concerning a of the presence and/or locationsof security devices within the independent security apparatus.

The WLA manager 113 may enter a learning mode to initially populate andperiodically update the security zone log 170. Optionally, the WLAmanager 113 may update the security zone log 170 throughout operation,without a need to enter any particular mode in connection there with.

The WLA log 150 retains WLA records in connection with multipleindividual wireless signatures. As non-limiting examples, a WLA recordmay maintain a WLA timestamp and wireless signature associated withdetection of individual wireless signature, as well as an activityhistory. The activity history may be maintained in various manners. Forexample, the activity history may maintain a record of timestamp (e.g.,time and date) that a wireless signature was detected, along with anindication of which security zone the wireless signature was detectedwithin. For example, the activity history may record a list of securityzones entered by a mobile device associated with a particular wirelesssignature, along with the timestamp of such entries.

The WLA database 115 may also include a security data log 160.Optionally, the security data log 160 may be maintained in memoryindependent and separate from the WLA database 115. The securityapparatus 107 manages the security data log 160, as well as the securitydevices 151, 153. For example, the security apparatus 107 may turn datacollection on and off for the security devices 151, 153 periodicallyand/or based on various criteria. For example, video cameras may beturned on continuously and/or during certain times of day. Optionally,video cameras may be turned on in response to motion, where the motionsensitivity is turned on and off based on different criteria. Thesecurity apparatus 107 may manage pan zoom and tilt (PZT) for securitycameras having the corresponding PZT functionality.

The security apparatus 107 records the security data as security filesfor the corresponding security devices 151, 153. The security apparatus107 also records security timestamps in connection with the securitydata collected by the security devices 151, 153. The security data andtimestamps are stored in the security data log 160. The securityapparatus 107 may manage incoming security data from a correspondingsecurity device 151, 153 in various manners. For example, the securityapparatus 107 may maintain one continuous security data log for eachcorresponding security device 151, 153, with timestamps added to thecontinuous security data log periodically or in response to selectsecurity related actions. Optionally, the security apparatus 107 mayperiodically begin a new file in connection with each security device151, 153. Optionally, the security apparatus 107 may maintain separatesecurity data files in response to select security related actions, suchas the detection of motion, sound, and/or opening/closing ofdoors/windows.

The security apparatus 107 may operate entirely independent of, andasynchronously with, the WLA tracking apparatus 104. For example, thesecurity apparatus 107 may generate security timestamps that are storedwith the security data based on security criteria (e.g., periodically orin response to security related actions). Separately and asynchronously,the WLA tracking apparatus 104 may generate WLA timestamps that arestored in the WLA records based on WLA criteria. An example of WLAcriteria is when the WLA tracking apparatus 104 detects a mobile device102 entering or exiting a security zone, entering or exiting a rangeboundary of the WLA tracking apparatus 104 and the like.

Optionally, the security apparatus 107 may communicate with the WLAtracking apparatus 104 throughout operation. As a further option, thesecurity apparatus 107 may coordinate data storage with the WLA trackingapparatus 104. For example, the security apparatus 107 may storesecurity data (e.g., video segments) within, linked to or associatedwith the WLS records stored in the WLA log.

Optionally, the security apparatus 107 and WLA tracking apparatus 104may be integrated into a common apparatus or system. For example, thesecurity apparatus 107 and WLA tracking apparatus 104 may be physicallyhoused in a common device and implemented as applications on common ordifferent processors. As another example, a pre-existing securityapparatus 107 may include memory and one or more processors where theprocessors execute specific program instructions to implement an upgradeto add the functionality of the WLA tracking apparatus 104. As yetanother example, a preexisting WLA tracking apparatus 104 may beimplemented with a network router, where the network router includesmemory and one or more processors that execute specific programinstructions to implement an upgrade to add the functionality of thesecurity apparatus 107.

Optionally, the WLS list 172 may also include a list of restrictedwireless signature that are not permitted within the local wirelessenvironment 100. For example, in connection with a residential premise,when a resident has a restraining order against a third party, thethird-party may be required to record the wireless signature of anymobile devices owned or controlled by the third-party. The wirelesssignature for the third-party mobile devices may be added to therestricted WLS list, and when detected to be present within the localenvironment, the WLA tracking apparatus 104 may automatically implementa preprogrammed security action. For example, the preprogrammed securityaction may be to send an electronic notification (e.g., email, text,voicemail) to local law enforcement authorities, to the resident of thepremise and the like.

As another example, a local wireless environment 100 may correspond to apublic or government facility frequented by children and other youngindividuals (e.g., elementary school, middle school, high school,academic campus, church, day care center, playground, sports facilityand the like). For example, certain types of individuals (e.g., felons,predators, individuals convicted of child-related offenses, individualscharged or convicted of sex crimes, individuals charged or convicted ofdrug-related offenses) may be required to register certain informationwith one or more private or public agencies or authorities. As anotherexample, individuals who have purchased, or are in possession of, any orcertain types of firearms (e.g., assault rifles) may be required toregister certain information with one or more private or public agenciesor authorities. In connection with the registration, the individuals maybe required to provide wireless signatures for any wireless mobiledevices owned, carried or controlled by the individual. The wirelesssignature for the foregoing types of individuals may be added to therestricted WLS list. When a restricted wireless signature is detected tobe present within the local wireless environment 100, the WLA trackingapparatus 104 and/or security apparatus 107 may automatically implementa preprogrammed security action. For example the preprogrammed securityaction may be to send an electronic notification (e.g., email, text,voicemail) to administrators for and/or employees at the facility (e.g.,superintendents, teachers), local law enforcement authorities, and thelike. The electronic notification may indicate the individual on recordassociated with the wireless signature, the time and nature of thewireless activity, an area in which the wireless activity was detectedand the like.

As another example of preprogrammed security actions, the WLA trackingapparatus 104 may initiate door/window locks to close a facility beforean individual enters the facility. As yet another example, the WLAtracking apparatus 104 may instruct security cameras 151 to continuouslyrecord for an area in which the wireless signature was detected. Whensecurity cameras 151 include pan, zoom and tilt functionality, the WLAtracking apparatus 104 may direct the security camera 151 (directly orthrough the security apparatus 107) to point to, focus on and follow themobile device having the restricted wireless signature.

In the foregoing examples, the restricted WLS list is generated based onindividuals registering with agencies, such as a parole office, a locallaw enforcement authority, a state law enforcement authority, a federallaw enforcement authority. Additionally or alternatively, theindividuals may register with private agencies. For example, when anindividual purchases a firearm, the individual may include, within theregistration information, identifying information for any mobile devicesowned, carried or controlled by the individual that would enable awireless signature for each mobile device to be identified and added tothe restricted WLS list.

In the foregoing examples, the restricted WLS list is populated based oninformation entered by the individual who owns, controls or carries aparticular mobile device. Additionally or alternatively, the wirelesssignature for mobile devices of the foregoing individuals may beseparately obtained without the knowledge of or approval by theindividuals. For example, the WLS information may be obtained frommanufacturers of the mobile devices, cellular providers, governmentagencies and any other public or private entity with knowledge of themobile devices associated with the individual. For example, mobiledevice records of all individuals in a select geographic region (e.g.,state, county, city) with Felony convictions or registered to ownassault rifles may be reviewed to obtain wireless signature and thewireless signature are added to the restricted WLS list in all WLAtracking apparatus for the corresponding region.

FIG. 3 illustrates a process for collecting wireless activity andsecurity data in accordance with embodiments herein. FIG. 3 illustratesparallel processes that may be performed in coordination with oneanother, or independently and asynchronously, from one another bysecurity apparatus and WLA tracking apparatus. The processes enter anactive or armed mode in various manners. For example, the securityrelated process may be initiated by a user input, such as when a user(locally or remotely) arms the premise security apparatus 107. Asanother example, the WLA and/or security related processes may beautomatically initiated, such as based on preprogrammed times, when theWLA tracking apparatus 104 determines that a mobile device having anauthorized user wireless signature (e.g., the homeowner) has left therange of the WLA tracking apparatus 104 and/or based on other criteria.

At 302, one or more of the security devices 151, 153 collect securitydata. The security cameras 151 may record continuously in connectionwith continuous video surveillance for corresponding fields of view.Alternatively, the security cameras 151 may be activated by motiondetectors 153 and/or other sensors and record video data forcorresponding time periods. Optionally, the security cameras 151 may beprogrammed to be activated during predetermined times (e.g., nighttime).The motion sensors 153 and other security devices also record securitydata, such as when security related actions occur (e.g., motion isdetected, doors/windows open/close and the like).

At 304, one or more processors of the security apparatus 107 determinewhether the security data should be stored. For example, all incomingsecurity data may be stored, or alternatively select portions of thesecurity data may be stored, such as in connection with certain securityrelated actions (e.g., motion detection, opening/closing of doors, andthe like). When the security data is not to be stored, flow returns to302 where additional security data is collected. Alternatively, when thesecurity data is to be stored, flow moves from 304 to 306. At 306, theone or more processors of the security apparatus 107 store the securitydata in the security data log 160. In addition, the processors generatea security timestamp corresponding to when the security data wascollected and store the security timestamp in the security data log 160in connection with the security data. By way of example, a securitytimestamp may be recorded daily, hourly or on some other periodic basis.As another example, security timestamps may be recorded each timesecurity related actions occur, such as motion is detected,windows/doors are opened/closed and the like.

Separately or in parallel, at 310, the tracking circuit 111 of the WLAtracking apparatus 104 detects wireless activity within a detectionrange of the tracking circuit 111. The detection of wireless activitymay occur before and without regard for whether a communications link isestablished with any mobile device(s) 102 within the wireless range ofthe WLA tracking apparatus 104. For example, WLA tracking may beperformed in connection with a local area network (LAN) while a routerof the LAN denies the wireless devices 102 access to the LAN.Additionally or alternatively, the tracking circuit 111 may detect thewireless activity while a communications link is established between amobile device 102 and a router within the LAN. Additionally oralternatively, after the communications link has terminated, thetracking circuit 111 may continue detecting wireless activity of acorresponding mobile device 102 and/or may begin detecting wirelessactivity of the mobile device 102.

The wireless activity includes a wireless signature of one or moremobile wireless devices. The processors detect wireless activity by,among other things, searching for one or more wireless signature ofmobile wireless devices within a range of the WLA tracking apparatus(s)104. For example, the tracking circuit 111 may receive information fromthe mobile device that identifies the mobile device, such as a serialnumber, SSID, telephone number, MAC address, and the like.

At 312, the one or more processors determine whether the wirelessactivity is within a security zone. For example, the determination at312 may determine whether the wireless activity is within a securityzone stored in the security zone log 170 (e.g., one or more securityzones SZ1, SZ2, SZ3, and/or SZ4 associated with the security devices151, 153). The wireless activity may be determined based on one or morecharacteristics of a broadcast signal from the mobile device 102. Thewireless activity may be determined and/or tracked in various manners.For example, the tracking circuit 111 may determine a position of amobile device 102 through triangulation, range detection, signalstrength, signal directionality and the like. When the wireless activityis not within a security zone, flow returns to 310. Alternatively, whenthe wireless activity is within a security zone, flow advances to 314.

At 314, the one or more processors of the WLA tracking apparatus 104store the WLA activity in the WLA log 150. At 314, the processors alsogenerate a WLA timestamp corresponding to the time at which the WLAactivity was detected and store the WLA timestamp in the WLA log 150 inconnection with a wireless signature. Optionally, the processors maystore a location associated with the wireless signature. For example,the location may be recorded as a physical coordinate or GPS locationdesignator. Additionally or alternatively, the location may be recordedas a range measurement, signal strength measurement, directionalitymeasurement and the like.

Optionally, the determination at 312 may be based in whole or in part onwhether the wireless activity includes a wireless signaturecorresponding to a known wireless signature. For example, the WLAmanager 113 may identify a wireless signature from the wireless activityand compare the detected wireless signature to a list of authorizedwireless signature (for known mobile devices). When the detectedwireless signature is on the list of authorized wireless signature forknown mobile devices, the WLA manager 113 may choose to not store thewireless activity at 314. Optionally, the determination at 312 may beomitted entirely and all wireless activity detected at 310 may be storedin the WLA log at 314, along with the corresponding WLA timestamp.

The operations at 302-314 may be repeated by the security apparatus andWLA tracking apparatus continuously and/or in response to correspondingcriteria, thereby building separate or common a WLA log 150 and securitydata log 160 that may be utilized as described hereafter. It isrecognized that multiple security apparatus may be operating incombination or independently of one another to build correspondingsecurity data logs 160. Similarly, multiple WLA tracking apparatus maybe operating in combination or independently of one another to buildcorresponding WLA logs 150.

At 316, the process utilizes the wireless activity and/or the WLAtimestamp to identify a security device of interest and/or a segment ofinterest from the security data. At 318, the process performs a securityaction based on the security device of interest and/or segment ofinterest from the security data identified in 316. The operations at 316and 318 may be implemented in various manners by the WLA trackingapparatus 104, the security apparatus 107 and/or the WLA search resource110, depending in part upon an overall configuration of the system.Various embodiments for the operations at 316 and 318 are describedherein.

While the foregoing example is provided in connection with one mobiledevice, it is recognized that the process of FIG. 3 may be implementedin connection with multiple mobile devices. For example, the detectingoperation detects wireless activity of multiple mobile devices and thestoring operation stores separate WLA timestamps of multiple mobiledevices.

FIG. 4A illustrates a process for utilizing wireless activity and/or WLAtimestamps to identify a security device of interest and/or a segment ofinterest from the security data in accordance with an embodiment herein.The operations of FIG. 4A may be implemented by the WLA trackingapparatus 104, the security apparatus 107, and/or the WLA searchresource 110. At 402, the one or more processors receive a WLA searchrequest. The WLA search request may include various search criteria. Forexample, the search criteria may designate wireless activity factors,such as a search for any wireless activity within a predetermined timeframe, a search for any wireless activity within certain security zones,a search for any wireless activity by unknown wireless signature, asearch for any wireless activity related to unknown and/repeat wirelesssignature, a search for any wireless activity by restricted wirelesssignature and the like.

At 404, the one or more processors search the WLA log for a WLA recordof interest that satisfies the WLA search criteria. At 406, the one ormore processors determine whether a WLA record of interest was foundthat satisfies the WLA search criteria. When no match is found, flowcontinues to 408. At 408, a response is returned indicating that nomatch was found. Alternatively, at 406, when a WLA record of interest isfound, flow moves to 410. At 410, the one or more processors identifythe WLA timestamp from the WLA record of interest. At 410, theprocessors search the security data log for security data of interest.The search for the security data of interest may be based on the WLAtimestamp and one or more security timestamps stored with the securitydata. For example, when a WLA timestamp indicates a particular point intime, the processors may identify the segment of the security data thatbegins at or at least encompasses the point in time associated with theWLA timestamp. The segment of the security data may be identified basedon one or more security timestamps stored with the security data.

At 412, the one or more processors determine whether a segment of thesecurity data was found that corresponded to/matches the WLA timestamp.When no security data is found that has a security timestamp thatcorresponds to the WLA timestamp, flow moves to 408, where the processreturns a response indicating that no match was found. Alternatively,when a segment of the security data is found to match the WLA timestamp,flow continues to 414.

At 414, the process returns the segment of security data thatcorresponded to the WLA timestamp. The segment of security data may bepresented in various manners, such as displayed on a graphical userinterface of a mobile device, workstation or other electronic device.

Optionally, the process of FIG. 4A may perform an optional branch inaccordance with certain embodiments herein. For example, in certainembodiments, it may be desirable to expand a search beyond the data andinformation collected by the WLA tracking apparatus and securityapparatus. For example, it may be desirable to open the search to abroader Internet request. In accordance there with, the process of FIG.4A may move from 408 and/or 414, as noted by dashed lines 416, togenerate an Internet-based request at 420. At 420, the one or moreprocessors construct an Internet-based search request related to thedata and information captured by the WLA tracking apparatus and securitysystem.

The Internet-based search request may be directed to network resources,such as a request for information concerning a particular wirelesssignature, individual, mobile device and the like. Additionally oralternatively, the Internet-based search request may be directed to thegeneral public. For example, the Internet-based search request mayinclude an image of an individual with a caption requesting furtherinformation (e.g., “Has anybody seen this person”). As another example,the Internet-based search request may be based on the wireless activity(e.g., “Does anyone know the owner of this phone number”).

FIG. 4B illustrates a process for utilizing security data to identifywireless activity and/or WLA timestamps of interest in accordance withan embodiment herein. The operations of FIG. 4B may be implemented bythe WLA tracking apparatus 104, the security apparatus 107, and/or theWLA search resource 110. At 432, the one or more processors receive asecurity search request. The security search request may include varioussearch criteria. For example, the search criteria may designate securityfactors, such as a search for any unauthorized entries within apredetermined time frame, any unauthorized activity detected by cameraswithin certain security zones and the like. At 434, the one or moreprocessors search the security data log for a security record ofinterest (e.g., a security device of interest and/or a security datasegment of interest) that satisfies the security search criteria. At436, the one or more processors determine whether a security record ofinterest was found that satisfies the security search criteria. When nomatch is found, flow continues to 438. At 438, a response is returnedindicating that no match was found.

Alternatively, at 436, when a security record of interest is found, flowmoves to 440. At 440, the one or more processors identify the securitytimestamp from the security record of interest. At 440, the processorssearch the WLA log for WLA records of interest. The search for the WLArecord of interest may be based on the security timestamp and one ormore WLA timestamps stored with the WLA records. For example, when asecurity timestamp indicates a particular point in time, the processorsmay identify, from the WLA log, any and all wireless signature that arepresent within the detection range of the WLA tracking apparatus at theparticular point in time. The processors may identify, as matches, allwireless signature that were present within the detection range at thetime of the security timestamp. Additionally or alternatively, theprocessors may identify, as matches, only unknown, repeating orrestricted wireless signature that were present within the detectionrange at the time of the security timestamp. Additionally oralternatively, the determination at 440 may be limited to wirelesssignature that were determined to be present within particular securityzones. For example, the security record of interest identified at 434may correspond to a particular security zone. When a security record ofinterest corresponds to a particular security zone, the search at 440may similarly limit the search of WLA records to the WLA records for thecorresponding security zone.

At 440, the one or more processors also determine whether a WLA recordwas found that corresponded to/matches the security timestamp. When nomatching WLA record is found that has a WLA timestamp that correspondsto the security timestamp, flow moves to 438, where the process returnsa response indicating that no match was found. Alternatively, when a WLArecord is found to match the security timestamp, flow continues to 442.

At 442, the process returns the WLA record (e.g., wireless signature,WLA timestamp, security zone, entry time, exit time) that correspondedto the security timestamp. The WLA record may then be automaticallyutilized to conduct further searches and/or may be presented in variousmanners, such as displayed on a graphical user interface of a mobiledevice, workstation or other electronic device.

In accordance with the operations of FIG. 4A, embodiments herein enablesearches to be performed based on various types of search request. Forexample, the most basic type of search request would first request theWLA tracking apparatus to identify when wireless activity was presentand based thereon, match security data segments for correspondingsecurity cameras. As another example, a search request may knowgenerally where an unauthorized event occurred, but not know when theevent occurred. The “where” is determined by the WLA tracking apparatus,namely within the coverage area of the WLA tracking apparatus. Inconnection there with, a search request may request segments of securitydata that were collected by any security apparatus having securitydevices covering portions of the reception area associated with the WLAtracking apparatus (e.g., any security devices surrounding a commercialor residential location housing the WLA tracking apparatus).

As another type of search request, a searcher or system may know when anunauthorized event occurred, but not know where the event occurred. Thesearch request may request the “when” based on security data fromnon-video security devices (e.g., “When did the motion detector or glassbreak detector sense an unauthorized event?”). For example, a motiondetector or glass break detector may provide non-video security dataindicating that an unauthorized entry occurred at a particular timeframe. However, the non-video security data may not indicate where theunauthorized entry occurred. In a large commercial or residential area,numerous conventional video surveillance cameras would be reviewed.However, in accordance with embodiments herein, the WLA trackingapparatus may provide localized location information for an unknown orunauthorized wireless signature, such as a security zone where theunknown or unauthorized wireless signature was detected. Based on thesecurity zone information collected by the WLA tracking apparatus, onlysecurity data segments need be reviewed for the security cameras havingfields of view covering the identified security zone.

The process of FIG. 4A may be implemented in connection with variousapplications. For example, when a home security apparatus is coupled toa WLA tracking apparatus, an individual may enter a request for anyvideos security data corresponding to cameras covering security zones inwhich wireless signature were detected recently or over a predeterminedperiod of time. The process may return one or more segments of securitydata (e.g., video clips, still images, audio clips and the like) for oneor more cameras related to the region in which the wireless activity wasdetected. The process of FIG. 4A allows individuals to search forparticular wireless signatures/fingerprints in order to determine timeframes that individuals may show up in a particular video feed, photoand the like.

As another example, the search request may designate a particularwireless signature and/or individual (e.g., by name) and requestsegments of security data for time frames in which the designatedwireless signature or individual were detected to be present by the WLAtracking device. For example, a homeowner or business or manager maywish to know when certain individuals (e.g., family members andemployees) arrive and leave a local environment. Accordingly,embodiments herein allow search queries for specific segments ofsecurity data and/or a list of the security devices (e.g., cameras) thatmay include video and other security data related to specific wirelesssignatures/fingerprints.

In accordance with embodiments herein, the security data and wirelessactivity may be stored in a common log or in separate logs linked to oneanother. When the security data and wireless activity are stored in arelational manner, the search request may request segments of securitydata (e.g., video segments, sensor states) corresponding to time framesin which wireless activity was present within the local environment andthe timestamp comparison at 410 omitted. For example, in the process ofFIG. 4A, a user may request all video segments beginning at least oneminute before entry of a wireless signature to a local wirelessenvironment 100 and continuing for some predetermined period of timefollowing entry of the wireless signature to a local environment.Similarly, users may request video segments beginning a predeterminedperiod of time before exit of a wireless signature from a localenvironment and continuing for one minute after exit of the wirelesssignature.

The process of FIG. 4A may also be implemented in connection with WLAtracking apparatus and security apparatus that are independent systemsand operate without coordination there between. For example, aresidential or commercial property may have a WLA tracking device, butdoes not have a security system with video cameras. When a break-inoccurs, the WLA tracking apparatus will record the wireless signature ofthe burglar, even though no video security data is obtained within theresidential or commercial property in connection with the break-in. Asanother option, the residential or commercial property may have both aWLA tracking device and a security system with security cameras.However, the burglar may avoid exposure to the security cameras withinthe property. Notwithstanding, security cameras for neighboring securitysystems may still capture video security data showing the burglar.

FIG. 5 is a functional block diagram illustrating a local wirelessenvironment (e.g., a commercial or residential neighborhood) thatincludes independent WLA tracking apparatus and security apparatus inaccordance with embodiments herein. In the embodiment of FIG. 5, thelocal wireless environment surrounds an intersection 501 within an urbanarea having separate residential or commercial premise 502-506 arrangedon opposed sides of streets at the intersection 501. The premise 502includes a WLA tracking apparatus 520 but does not include a securityapparatus. The premise 503 includes a security apparatus 522 couple tosecurity cameras 524-526 having corresponding fields of view asdesignated by dashed lines 534-536. The premise 504 does not include aWLA tracking apparatus, nor a security apparatus, while the premise 505includes a security apparatus 540 coupled to a motion sensor 542, aglass break sensor 544 and a security camera 545 having pan zoom andtilt functionality. The premise 506 includes a WLA tracking apparatus550. The WLA tracking apparatus and security apparatus of FIG. 5 operateindependent of one another to separately store WLA records and securitydata in corresponding separate memories.

In accordance with embodiments herein, a WLA search resource 570 isconfigured to implement the search operations of FIG. 4A. The WLA searchresource 570 operated independently of, communicated over a local orwide area network with, but the WLA tracking apparatus and securityapparatus illustrated in FIG. 5. For example, the WLA search resource570 may be managed by an independent third-party or local lawenforcement agency. The owners/operators of the premise 502-506 maysubscribe to a search service provided by the third-party, therebyaffording a certain level of security and confidentiality in connectionwith data and other information conveyed over the network

As one implementation example, an unauthorized individual may enter thepremise 502 through a door 521, where the unauthorized individualcarries a mobile device 523. The unauthorized individual may thenperform an unauthorized action, such as stealing, vandalizing and thelike, and then leave through the door 521. Given that the premise 502does not include security cameras, the owner/operator of the premise 502would have no video security data to review in attempting to identifythe unauthorized individual. However, the premise 502 includes a WLAtracking apparatus 520 which recorded the wireless activity associatedwith the mobile device 523, such as the wireless signature and WLA entryand exit timestamps for when the mobile device 523 entered and left thepremise 502.

The owner/operator of the premise 502 may submit a search request to theWLA search resource 570 (e.g., from a mobile device or from the WLAtracking apparatus 520). The search request may indicate the timeframein which the mobile device 523 was present in the premise 502. Inresponse thereto, the WLA search resource 520 may search security datastored at the WLA search resource 520 from any security device managedby the WLA search resource 570. Additionally or alternatively, the WLAsearch resource 520 may send requests to the security apparatus 522 and540, requesting segments of security data corresponding to the WLAtimestamps (e.g., exit and entry timestamps) from the search request.The security apparatus 522 may provide video segments of security data,stored in a video log, from one or more of the security cameras 524-526for the requested timeframe, while the security apparatus 540 may returnsegments of security data, stored in a video log, from the motion sensor542 and 544, and video data from the security camera 545. The videosegments from the security cameras 524 and 525 potentially would includevideo showing the unauthorized individual entering and/or leavingthrough the door 521.

As another implementation example, a homeowner (or business owner) mayown the premise 506. When the homeowner leaves the premise 506, the WLAtracking apparatus 550 may be armed to perform certain actions. Forexample, when the homeowner is away and the WLA tracking apparatus 550detects wireless activity within the premise 506 (e.g., associated witha mobile device 558), the WLA tracking apparatus 550 may convey a searchrequest to the WLA search resource 570. The search request may requestthat the security apparatus 540 within the adjacent premise 505 reorientthe security camera 545 to a field of view 560 that includes the door556 of the premise 506. The WLA search resource 570 may convey to thesecurity apparatus 540 the request to reorient the security camera 545in the requested manner. The security apparatus 540 may comply byredirecting the security camera 545. When the individual with the mobiledevice 558 leaves through the door 556, the security camera 545 wouldpotentially capture video security data showing the individual.

Additionally or alternatively, when the WLA tracking apparatus 550detects the presence of an unauthorized mobile device 558, the searchrequest may also request that the security cameras 524-526 activate andcapture video data for as long as the mobile device 558 is present, andfor a predetermined period of time thereafter. For example, an offsettime may be calculated, such that when an individual leaves the door 556and walks in the direction of the intersection 501, the individual mayarrive at the intersection 501 a predetermined period of time later (anoffset time). Accordingly, the security data from the cameras 524-526would be collected for at least the predetermined period of time,corresponding to the offset time, in order to potentially capture videoincluding the individual with mobile device 558 after leaving thepremise 506.

FIG. 6 is a block diagram of components of a WLA tracking apparatusformed in accordance with embodiments herein. The WLA tracking apparatuscan include a GUI 620 one or more processors 602, one or morecomputer-readable RAMs 604, one or more computer-readable ROMs 606, oneor more tangible storage devices 612, a network interface card 608, atransceiver 610, and optionally one or more network ports 616, allinterconnected over a communications fabric 618. Communications fabric618 can be implemented with any architecture designed for passing dataand/or control information between processors (such as microprocessors,communications and network processors, etc.), system memory, peripheraldevices, and any other hardware components within a system.

One or more operating systems 614, sensitivity data, WLA logs, and WLAtracking programs are stored on computer-readable tangible storagedevice 612 for execution or access by one or more processors 602 via oneor more RAMs 604 (which typically include cache memory). In theillustrated embodiment, computer-readable tangible storage device 612can be a magnetic disk storage device of an internal hard drive, CD-ROM,DVD, memory stick, magnetic tape, magnetic disk, optical disk, asemiconductor storage device such as RAM, ROM, EPROM, flash memory orany other computer-readable tangible storage device that can store acomputer program and digital information.

The WLA tracking apparatus may include a network interface card 608,such as a TCP/IP adapter card. The programs on network WLA trackingapparatus can be downloaded to the wireless router from an externalcomputer or external storage device via a network (for example, theInternet, a local area network or other, wide area network or wirelessnetwork) and network interface card 608. The programs can then be loadedinto computer-readable tangible storage device 612. The network maycomprise copper wires, optical fibers, wireless transmission, routers,firewalls, switches, gateway computers and/or edge servers.

FIG. 7 illustrates a simplified block diagram of internal components ofan electronic device 701 configured to operate in accordance withembodiments herein. The device 701 may be configured to operate as a WLAtracking apparatus, security apparatus, WLA search resource, and/ormobile device. The device 701 includes components such as one or morewireless transceivers 702, one or more processors 704 (e.g., amicroprocessor, microcomputer, application-specific integrated circuit,etc.), one or more local storage medium (also referred to as a memory)706, a user interface 708 which includes one or more input devices 709and one or more output devices 710, a power module 712, a componentinterface 714 and a camera unit 716. All of these components can beoperatively coupled to one another, and can be in communication with oneanother, by way of one or more internal communication links, such as aninternal bus. The camera unit 716 may capture one or more frames ofimage data.

The input and output devices 709, 710 may each include a variety ofvisual, audio, and/or mechanical devices. For example, the input devices709 can include a visual input device such as an optical sensor orcamera, an audio input device such as a microphone, and a mechanicalinput device such as a keyboard, keypad, selection hard and/or softbuttons, switch, touchpad, touch screen, icons on a touch screen, atouch sensitive areas on a touch sensitive screen and/or any combinationthereof. Similarly, the output devices 710 can include a visual outputdevice, one or more light emitting diode indicators, an audio outputdevice such as a speaker, alarm and/or buzzer, and a mechanical outputdevice such as a vibrating mechanism. The display may be touch sensitiveto various types of touch and gestures. As further examples, the outputdevice(s) 710 may include a touch sensitive screen, a non-touchsensitive screen, a text-only display, a smart phone display, an audiooutput (e.g., a speaker or headphone jack), and/or any combinationthereof. Optionally, the input devices 709 may include one or more touchsensitive layers provided on the front and/or rear sides of the display752. The output devices 710 include a flexible display layer, such as anOLED display 752.

The local storage medium 706 can encompass one or more memory devices ofany of a variety of forms (e.g., read only memory, random access memory,static random access memory, dynamic random access memory, etc.) and canbe used by the processor 704 to store and retrieve data. The data thatis stored by the memory 706 can include, but need not be limited to,operating systems, applications, user collected content andinformational data. Each operating system includes executable code thatcontrols basic functions of the device, such as interaction among thevarious components, communication with external devices via the wirelesstransceivers 702 and/or the component interface 714, and storage andretrieval of applications and data to and from the memory 706. Eachapplication includes executable code that utilizes an operating systemto provide more specific functionality for the communication devices,such as file system service and handling of protected and unprotecteddata stored in the local storage medium 706.

When the device 701 represents a WLA tracking apparatus, a WLA trackingapplication 724 is stored in memory 706. The WLA tracking application724 includes program instructions accessible by the one or moreprocessors 704 to direct a processor 704 to implement the methods,processes and operations described herein including, but not limited tothe methods, processes and operations illustrated in the Figures anddescribed in connection with the Figures. The WLA tracking application724 manages operation of the processor 704, display driver 750.

When the device 701 represents a security apparatus, a securityapplication 725 is stored in the memory 706. The security application725 includes program instructions accessible by the one or moreprocessors 704 to direct a processor 704 to implement the methods,processes and operations described herein including, but not limited tothe methods, processes and operations illustrated in the Figures anddescribed in connection with the Figures. The security application 725manages operation of the processor 704, display driver 750.

The memory 706 may also store one or more of a WLA log at 730, securitydata log 731, WLS list 732 and security zone log 733, all of which areutilized as described herein. Other applications stored in the memory706 include various application program interfaces (APIs), some of whichprovide links to/from the cloud hosting service. The power module 712preferably includes a power supply, such as a battery, for providingpower to the other components while enabling the device 701 to beportable, as well as circuitry providing for the battery to berecharged. The component interface 714 provides a direct connection toother devices, auxiliary components, or accessories for additional orenhanced functionality, and in particular, can include a USB port forlinking to a user device with a USB cable.

A display driver 750 is coupled to the processor 704 and configured tomanage display of content on a display 752. The display driver 750 isconnect to viewing regions of the OLED display 752. The display driver750 writes the desired content to the viewing region under direction ofthe main processor 704. Optionally, the display driver 750 includesdisplay memory 754 and one or more display control processors 756.Optionally, the display driver 750 may omit a separate processor andmemory, and alternatively or additionally, utilize sections of thememory 706 as display memory and the processor 704 to manage writingcontent to a display memory section within the memory 706.

Before concluding, it is to be understood that although e.g., a softwareapplication for undertaking embodiments herein may be vended with theapparatus and devices described herein, embodiments herein apply ininstances where such an application is e.g., downloaded from a server toa device or apparatus over a network such as the Internet. Furthermore,embodiments herein apply in instances where e.g., such an application isincluded on a computer readable storage medium that is being vendedand/or provided, where the computer readable storage medium is not acarrier wave or a signal per se.

CLOSING STATEMENTS

Before concluding, it is to be understood that although e.g., a softwareapplication for undertaking embodiments herein may be vended with adevice such as the system, embodiments herein apply in instances wheresuch an application is e.g., downloaded from a server to a device over anetwork such as the Internet. Furthermore, embodiments herein apply ininstances where e.g., such an application is included on a computerreadable storage medium that is being vended and/or provided, where thecomputer readable storage medium is not a carrier wave or a signal perse.

As will be appreciated by one skilled in the art, various aspects may beembodied as a system, method or computer (device) program product.Accordingly, aspects may take the form of an entirely hardwareembodiment or an embodiment including hardware and software that may allgenerally be referred to herein as a “circuit,” “module” or “system.”Furthermore, aspects may take the form of a computer (device) programproduct embodied in one or more computer (device) readable storagemedium(s) having computer (device) readable program code embodiedthereon.

Any combination of one or more non-signal computer (device) readablemedium(s) may be utilized. The non-signal medium may be a storagemedium. A storage medium may be, for example, an electronic, magnetic,optical, electromagnetic, infrared, or semiconductor system, apparatus,or device, or any suitable combination of the foregoing. More specificexamples of a storage medium would include the following: a portablecomputer diskette, a hard disk, a random access memory (RAM), a dynamicrandom access memory (DRAM), a read-only memory (ROM), an erasableprogrammable read-only memory (EPROM or Flash memory), a portablecompact disc read-only memory (CD-ROM), an optical storage device, amagnetic storage device, or any suitable combination of the foregoing.

Program code for carrying out operations may be written in anycombination of one or more programming languages. The program code mayexecute entirely on a single device, partly on a single device, as astand-alone software package, partly on single device and partly onanother device, or entirely on the other device. In some cases, thedevices may be connected through any type of network, including a localarea network (LAN) or a wide area network (WAN), or the connection maybe made through other devices (for example, through the Internet usingan Internet Service Provider) or through a hard wire connection, such asover a USB connection. For example, a server having a first processor, anetwork interface, and a storage device for storing code may store theprogram code for carrying out the operations and provide this codethrough its network interface via a network to a second device having asecond processor for execution of the code on the second device.

The units/modules/applications herein may include any processor-based ormicroprocessor-based system including systems using microcontrollers,reduced instruction set computers (RISC), application specificintegrated circuits (ASICs), field-programmable gate arrays (FPGAs),logic circuits, and any other circuit or processor capable of executingthe functions described herein. Additionally or alternatively, theunits/modules/controllers herein may represent circuit modules that maybe implemented as hardware with associated instructions (for example,software stored on a tangible and non-transitory computer readablestorage medium, such as a computer hard drive, ROM, RAM, or the like)that perform the operations described herein. The above examples areexemplary only, and are thus not intended to limit in any way thedefinition and/or meaning of the term “controller.” Theunits/modules/applications herein may execute a set of instructions thatare stored in one or more storage elements, in order to process data.The storage elements may also store data or other information as desiredor needed. The storage element may be in the form of an informationsource or a physical memory element within the modules/controllersherein. The set of instructions may include various commands thatinstruct the units/modules/applications herein to perform specificoperations such as the methods and processes of the various embodimentsof the subject matter described herein. The set of instructions may bein the form of a software program. The software may be in various formssuch as system software or application software. Further, the softwaremay be in the form of a collection of separate programs or modules, aprogram module within a larger program or a portion of a program module.The software also may include modular programming in the form ofobject-oriented programming. The processing of input data by theprocessing machine may be in response to user commands, or in responseto results of previous processing, or in response to a request made byanother processing machine.

It is to be understood that the subject matter described herein is notlimited in its application to the details of construction and thearrangement of components set forth in the description herein orillustrated in the drawings hereof. The subject matter described hereinis capable of other embodiments and of being practiced or of beingcarried out in various ways. Also, it is to be understood that thephraseology and terminology used herein is for the purpose ofdescription and should not be regarded as limiting. The use of“including,” “comprising,” or “having” and variations thereof herein ismeant to encompass the items listed thereafter and equivalents thereofas well as additional items. Further, in the following claims, thephrases “at least A or B”, “A and/or B”, and “one or more of A and B”(where “A” and “B” represent claim elements), are used to encompass i)A, ii) B and/or iii) both A and B. For the avoidance of doubt, the claimlimitation “utilizing one or more of the wireless activity andtimestamp” means and shall encompass i) “utilizing the wirelessactivity”, ii) “utilizing the timestamp” and/or iii) “utilizing both thewireless activity and the timestamp”. For the avoidance of doubt, theclaim limitation “to identify one or more of the security device and asegment of the security data” means and shall encompass i) “to identifythe security device”, ii) “to identify a segment of the security data”and/or iii) “to identify the security device and a segment of thesecurity data”.

It is to be understood that the above description is intended to beillustrative, and not restrictive. For example, the above-describedembodiments (and/or aspects thereof) may be used in combination witheach other. In addition, many modifications may be made to adapt aparticular situation or material to the teachings herein withoutdeparting from its scope. While the dimensions, types of materials andcoatings described herein are intended to define various parameters,they are by no means limiting and are illustrative in nature. Many otherembodiments will be apparent to those of skill in the art upon reviewingthe above description. The scope of the embodiments should, therefore,be determined with reference to the appended claims, along with the fullscope of equivalents to which such claims are entitled. In the appendedclaims, the terms “including” and “in which” are used as theplain-English equivalents of the respective terms “comprising” and“wherein.” Moreover, in the following claims, the terms “first,”“second,” and “third,” etc. are used merely as labels, and are notintended to impose numerical requirements on their objects or order ofexecution on their acts.

What is claimed is:
 1. A method, comprising: under control of one ormore processors configured with executable instructions; detecting, at awireless activity (WLA) tracking apparatus, wireless activity of amobile device in a proximity of a local wireless environment;automatically generating a WLA timestamp associated with the detectingthe wireless activity of the mobile device; and utilizing the wirelessactivity and the WLA timestamp to identify a security device and asegment of security data collected by the security device; wherein thedetecting comprises detecting a wireless signature of the mobile device,and wherein the utilizing comprises automatically correlating thewireless signature with the security device and the segment of securitydata collected by the security device based on the WLA timestamp; andwherein the utilizing further comprises receiving a search requestdesignating a wireless activity factor, and searching a WLA log for aWLA record of interest that satisfies the wireless activity factor, theWLA record of interest including the wireless signature and the WLAtimestamp.
 2. The method of claim 1, further comprising displaying thesegment of security data collected by the security device that overlapsthe WLA timestamp.
 3. The method of claim 1, wherein further comprisingidentifying a security zone in the local wireless environment in whichthe wireless activity occurred, wherein the utilizing further comprisesidentifying the security device that corresponds to the security zone.4. The method of claim 1, further comprising performing a securityaction based on the security device and the segment of security dataidentified.
 5. The method of claim 4, wherein the security actioncomprises sending an electronic notification to security personnel. 6.The method of claim 4, wherein the security action comprises sending arequest to change a state of the security device.
 7. The method of claim1, wherein the security device represents a PZT camera having pan, zoomand tilt (PZT) functionality, wherein the security action comprisesredirecting the PZT camera to point towards a detected path of themobile device.
 8. The method of claim 1, wherein the wireless activityrepresents one or more signals transmitted by the mobile device inconnection with one or more of requesting, establishing, maintaining ordisconnecting a communications session with the local wirelessenvironment.
 9. The method of claim 1, wherein the mobile deviceutilizes a wireless transmitter to establish at least a one-way ortwo-way communication session with the WLA tracking apparatus.
 10. Amethod, comprising: under control of one or more processors configuredwith executable instructions; detecting, at a wireless activity (WLA)tracking apparatus, wireless activity of a mobile device in a proximityof a local wireless environment; automatically generating a WLAtimestamp associated with the detecting the wireless activity of themobile device; and utilizing the wireless activity and the WLA timestampto identify a security device and a segment of security data collectedby the security device; wherein the detecting comprises detecting awireless signature of the mobile device, and wherein the utilizingcomprises automatically correlating the wireless signature with thesecurity device and the segment of security data collected by thesecurity device based on the WLA timestamp; and wherein the utilizingfurther comprises searching a security data log for security data ofinterest based on a comparison of the WLA timestamp and securitytimestamps stored in the security data log, the security data ofinterest including the security device and the segment of security datacollected by the security device.
 11. The method of claim 10, furthercomprising displaying the segment of security data collected by thesecurity device that overlaps the WLA timestamp.
 12. An apparatus,comprising: a tracking circuit to detect wireless activity in proximityto a local wireless environment; wherein to detect the wireless activitycomprises to detect a wireless signature of a mobile device; aprocessor; and a memory to store program instructions accessible by theprocessor, wherein, responsive to execution of the program instructions,the processor to perform the following: automatically generate a WLAtimestamp associated with the detecting of the wireless activity of themobile device; and utilize the wireless activity and the WLA timestampto identify a security device and a segment of security data collectedby the security device; and wherein to utilize the wireless activity andthe WLA timestamp to identify the security device and the segment of thesecurity data collected by the security device comprises: automaticallycorrelating the wireless signature with the security device and thesegment of security data collected by the security device based on theWLA timestamp; receiving a search request designating a wirelessactivity factor; and searching a WLA log for a WLA record of interestthat satisfies the wireless activity factor, the WLA record of interestincluding the wireless signature and the WLA timestamp.
 13. Theapparatus of claim 12, where the memory stores the WLA log including theWLA record of interest, the WLA record of interest including thecorresponding WLA timestamp indicating when the wireless signature ofthe mobile device was detected.
 14. The apparatus of claim 13, whereinthe WLA record of interest further comprises one or more of securityzones where the wireless signature is detected, a WLS entry time inconnection with the wireless signature entering a detection range of thetracking circuit, and a WLS exit time in connection with the wirelesssignature exiting the detection range.
 15. The apparatus of claim 13,wherein the memory stores a WLS list that includes one or more of knownwireless signatures, repeat wireless signatures and restricted wirelesssignatures.
 16. The apparatus of claim 12, wherein the processor,responsive to execution of program instructions, to maintain the WLA logof wireless signatures of mobile devices detected by the trackingcircuit and corresponding WLA timestamps.
 17. The apparatus of claim 12,wherein the processor, responsive to execution of program instructions,to search a security data log for security data of interest based on acomparison of the WLA timestamp and security timestamps stored in thesecurity data log, the security data of interest including the securitydevice and the segment of security data collected by the securitydevice.
 18. A computer program product comprising a non-transitorycomputer readable storage medium comprising computer executable code to:detecting, at a wireless activity (WLA) tracking apparatus, wirelessactivity of a mobile device within a proximity of a local wirelessenvironment; automatically generating a WLA timestamp associated withthe detecting of the wireless activity of the mobile device; andutilizing the wireless activity and the WLA timestamp to identify asecurity device and a segment of security data collected by the securitydevice; wherein the detecting comprises detecting a wireless signatureof the mobile device, and wherein the utilizing comprises automaticallycorrelating the wireless signature with the security device and thesegment of security data collected by a security device based on the WLAtimestamp; and wherein the utilizing further comprises receiving asearch request designating a wireless activity factor, and searching aWLA log for a WLA record of interest that satisfies the wirelessactivity factor, the WLA record of interest including the wirelesssignature and the WLA timestamp.
 19. The computer program product ofclaim 18, further comprising a security data log, wherein the computerexecutable code to search the security data log for the security databased on a comparison of the WLA timestamp and security timestampsstored in the security data log, the security data including thesecurity device and the segment of security data collected by thesecurity device.
 20. The computer program product of claim 18, furthercomprising a WLA log including WLA records that include wirelesssignatures of mobile devices detected, the WLA records includingcorresponding WLA timestamps indicating when the wireless signatures ofthe mobile devices were detected.